API Management Part 1 - An Introduction to API Life Cycle Management
In the current day scenario, everyone is talking about going cloud-native and migrations from on-prem servers to cloud. With that thought, we are now seeing a huge amount of growth in SaaS solutions. For example, Google offers a lot of these solutions like DialogFlow API and Geocode API , which are primarily APIs driven over REST, and this also shows the increase in interest in building software products designed and developed around the API First Approach.
So, with this context, we will get into the world of APIs and discuss their life cycle as well as manage an API Product.
What is an API?
APIs are a 'digital door to your enterprise'. They're an interface through which apps, devices and websites access the business data and functionality that they need.
APIs are everywhere. This article that you are reading right now is also delivered over an API Call to your device.
To get a better understanding you can have a look at this video of Chet Kapoor, VP, APIGEE
Management of these APIs become very crucial for you as a developer and also for customers who are subscribed to your APIs for data and functionality.
Let's see a few use cases for API Management:
1) Application Modernization: Currently most of the enterprises are modernizing their applications, irrespective of on-prem methods or via cloud migration and the end customers get to experience this modernization in various ways, with voice assistants and chatbots being the current buzz.
2) Expansion of reach by sharing data: Let's say you own an organisation that handles large sets of information. By creating an API Product, you can share this data and also provide additional functionalities for that data with ease.
3) Open new revenue channels by monetizing your proprietary data: By providing you own proprietary data, you can enable your business to be monetized over multiple channels other than you own application.
We also have a few digital use cases for the APIs drive:
1) App Modernization and IT agility: We can easily enable the new Hybrid Cloud Architecture to unify the new cloud systems and the existing on-prem systems.
2) Digital Customer Engagement: Deliver rich user experiences with smart engagement and measurable results. For example, Zomato has created APIs which track your food from order acceptance, kitchen updates till doorstep delivery. This helps the organisation engage the end customer in an immersive way and provide a great user experience.
3) Developer Ecosystems: Enable internal and external developers to deliver apps in less time through Self Service API portals. For example, Razorpay provides a payment gateway via a set of APIs, and you, as a developer, just need to register yourself on their portal and subscribe to their service to start using their APIs.
API Lifecycle Management.
An API lifecycle encompasses all the stages of API development, from conceptualization of the API to the point of deprecation and final retirement. It has become a crucial engineering concern to build concrete API’s. In order to succeed in today’s competitive, interconnected business landscape, organizations must give their API programs first-class treatment, that gives developers the flexibility to integrate with their ever-evolving internal and external environments. This is a big reason why choosing the right tool for API lifecycle management becomes important.
Two major recent acquisitions in the API space, Apigee’s acquisition by Google and 3scale by Red Hat are further evidence that the industry is converging on the need for API lifecycle management.
Understanding API Life Cycle
Planning and Designing the API - API planning and design involves mapping out various resources and operations, along with the business case scenarios before the API is fully implemented. With many dependent digital strategies relying on APIs, implementing them require a solid design.
Developing the API - The development phase of an API focuses on implementing the API based on the plan and design. Building the API as soon as possible is a key go-to-market strategy that concerns a lot of organizations. The ease and speed with which the desired API is implemented, in tandem with the design, is crucial for a good market strategy for a company’s API.
Testing the API - APIs deserve the same first-class treatment that you would give to any application. This means that APIs should be thoroughly tested and monitored for performance issues. Once you’ve made your API available to other developers, you take on a responsibility to ensure that nothing affects the API’s quality and performance. API functional testing tools like SoapUI and load testing tools like LoadUI are essential for testing API functionality and performance in pre-production environments.
Deploying the API - APIs, at the end of the day, must satisfy a use case for an end consumer, be it your own internal developer team, a partner company, or the general public. Deploying the API to a secure environment for facilitating easy discovery and consumption is essential for the success of your API strategy.
Retiring the API - Deprecation is a natural part of the API lifecycle. It is the phase where support for an API’s version, or in many cases, the entire API itself, is discontinued. Examples like the famous deprecation of the Netflix API, the ESPN API or more recently, the Google Hangouts API, are important reasons why API deprecation needs to be handled with care.
Since APIs become the epicentre for your products functionality, it is very crucial to manage them and this where API Management tools like APIGEE, WSO2 APIM and IBM RedHat’s 3scale come into the picture.
The following is a small diagram showing the core capabilities of an API Management Platform like APIGEE:
According to the diagram, we first have the Developer Ecosystems which are basically your API Portals which will allow the developer to register themselves and get access to the API Catalog and Client SDKs to support your APIs. The developer will also get access to all your serviceable API Products. The APIM will give your developers and partners a marketplace where they can subscribe to your API Product and can help you monetize the APIs over plans based on usage quotas or a flat fee.
In the middle, we have a set of Monitoring and Analytics capabilities which will give you a detailed report of your developer demographics or how your various API programs are operating.
At last, we have the Enterprise Gateway, which interacts with your core services. This layer provides security, the ability to transform or mediate your request or responses, which greatly help you when creating composite APIs. The APIM may also have an option to extend capabilities with extensions like invoking AWS Lambda or have Slack notifications pushed. APIM also helps you orchestrate a bunch of services to compose the data into one API and also will give you a set of policies that can be configured for API Abuse Prevention.
Next up, we will get into the details of API Management Tools, which is the topic for part 2 of this article. We will introduce ourselves to two of the major tools in the API Management Space, Google APIGEE and the open source WSO2 APIM and also take you through creating your first API Product and setting up the APIM to deliver that API Product to the world with your own self service portal.
See you then!